CVE-2016-2160

Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
redhatopenshift_origin
-
redhatopenshift
3.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2016:1064
https://bugzilla.redhat.com/show_bug.cgi?id=1316127
https://github.com/openshift/origin/pull/7864
https://access.redhat.com/errata/RHSA-2016:1064
https://bugzilla.redhat.com/show_bug.cgi?id=1316127
https://github.com/openshift/origin/pull/7864